95 lines
7.8 KiB
HTML
95 lines
7.8 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Java Authentication and Authorization Service" />
|
|
<meta name="abstract" content="The Java Authentication and Authorization Service (JAAS) is a standard extension to the Java 2 Software Development Kit (J2SDK), Standard Edition. J2SDK provides access controls that are based on where the code originated and who signed the code (code source-based access controls). It lacks, however, the ability to enforce additional access controls based on who runs the code. JAAS provides a framework that adds this support to the Java 2 security model." />
|
|
<meta name="description" content="The Java Authentication and Authorization Service (JAAS) is a standard extension to the Java 2 Software Development Kit (J2SDK), Standard Edition. J2SDK provides access controls that are based on where the code originated and who signed the code (code source-based access controls). It lacks, however, the ability to enforce additional access controls based on who runs the code. JAAS provides a framework that adds this support to the Java 2 security model." />
|
|
<meta name="DC.Relation" scheme="URI" content="ptfdocs/index.html" />
|
|
<meta name="DC.Relation" scheme="URI" content="security.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="securmod.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahajce.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahajssemain.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahajgssover.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="jaasprep.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="api.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="jaassamp.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="jaasbase" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Java Authentication and Authorization Service</title>
|
|
</head>
|
|
<body id="jaasbase"><a name="jaasbase"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Java Authentication and Authorization Service</h1>
|
|
<div><p>The Java™ Authentication and Authorization Service (JAAS)
|
|
is a standard extension to the Java 2 Software Development Kit (J2SDK),
|
|
Standard Edition. J2SDK provides access controls that are based
|
|
on where the code originated and who signed the code (code source-based access
|
|
controls). It lacks, however, the ability to enforce additional access controls
|
|
based on who runs the code. JAAS provides a framework that adds this support
|
|
to the Java 2 security model.</p>
|
|
<p>The JAAS API is used by IBM<sup>®</sup> and Sun Microsystems, Inc. as an extension to the
|
|
J2SDK, version 1.3. IBM and Sun are introducing this extension to allow the
|
|
association of a specific user or identity to the current Java thread.
|
|
This is done by using javax.security.auth.Subject methods and, optionally,
|
|
with the underlying operating system thread using com.ibm.security.auth.ThreadSubject
|
|
methods.</p>
|
|
<div class="note"><span class="notetitle">Note:</span> For J2SDK, version 1.4 and subsequent versions, JAAS is no longer an
|
|
extension, but is part of the base SDK.</div>
|
|
<p>The JAAS implementation on the iSeries™ server is compatible with the
|
|
implementation of Sun Microsystems, Inc. This documentation covers the unique
|
|
aspects of the iSeries implementation.
|
|
We assume that you are familiar with the general documentation for the JAAS
|
|
extensions. To make it easier for you to work with that and our iSeries information,
|
|
we provide the following links.</p>
|
|
<ul><li><a href="api.htm#api">Java Authentication and Authorization Service (JAAS) 1.0</a> provides information on using the JAAS
|
|
API in software development.</li>
|
|
<li><a href="javaapi/guide/security/jaas/JAASLMDevGuide.html" target="_blank">JAAS LoginModule Developer's Guide</a> focuses on the
|
|
authentication aspects of JAAS.</li>
|
|
<li><a href="apidocs/index.html" target="_blank">JAAS API
|
|
Specification</a> contains the Javadoc information on JAAS.</li>
|
|
</ul>
|
|
</div>
|
|
<div>
|
|
<ul class="ullinks">
|
|
<li class="ulchildlink"><strong><a href="jaasprep.htm">Prepare and configure an iSeries server for Java Authentication and Authorization Service</a></strong><br />
|
|
You must meet software requirements and configure your iSeries server
|
|
to use Java Authentication and Authorization Service (JAAS).</li>
|
|
<li class="ulchildlink"><strong><a href="api.htm">Java Authentication and Authorization Service (JAAS) 1.0</a></strong><br />
|
|
This document was last updated March 17, 2000.</li>
|
|
<li class="ulchildlink"><strong><a href="jaassamp.htm">Java Authentication and Authorization Service samples</a></strong><br />
|
|
This topic contains samples of Java Authentication and Authorization Service
|
|
(JAAS) on an iSeries server. </li>
|
|
</ul>
|
|
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="security.htm" title="This topic provides details on adopted authority and explains how you can use SSL to make socket streams secure in your Java application.">Java security</a></div>
|
|
</div>
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
|
<div><a href="securmod.htm" title="You can download Java applets from any system; thus, security mechanisms exist within the Java virtual machine to protect against malicious applets. The Java runtime system verifies the bytecodes as the Java virtual machine loads them. This ensures that they are valid bytecodes and that the code does not violate any of the restrictions that the Java virtual machine places on Java applets.">Java security model</a></div>
|
|
<div><a href="rzahajce.htm" title="The Java Cryptography Extension (JCE) 1.2 is a standard extension to the Java 2 Software Development Kit (J2SDK), Standard Edition. The JCE implementation on an iSeries server is compatible with the implementation of Sun Microsystems, Inc. This documentation covers the unique aspects of the iSeries implementation.">Java Cryptography Extension</a></div>
|
|
<div><a href="rzahajssemain.htm" title="The Java Secure Socket Extension (JSSE) is the Java implementation of the Secure Sockets Layer (SSL) protocol. JSSE uses SSL and the Transport Layer Security (TLS) protocol to enable clients and servers to conduct secure communications over TCP/IP.">Java Secure Socket Extension</a></div>
|
|
<div><a href="rzahajgssover.htm" title="The Java Generic Security Service (JGSS) provides a generic interface for authentication and secure messaging. Under this interface you can plug a variety of security mechanisms based on secret-key, public-key, or other security technologies.">IBM Java Generic Security Service (JGSS)</a></div>
|
|
</div>
|
|
<div class="relinfo"><strong>Related information</strong><br />
|
|
<div><a href="ptfdocs/index.html" target="_blank">iSeries-server
|
|
specific JAAS Javadoc</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |